|
|
Security Standards
On August 12, 1998, we published a proposed rule (63 FR 43242)
to establish a minimum standard for security of electronic health
information. We proposed that the standard would require the safeguarding
of all electronic health information by covered entities. The proposed
rule also proposed a standard for electronic signatures. This final
rule adopts only security standards. All comments concerning the
proposed electronic signature standard, responses to these comments,
and a final rule for electronic signatures will be published at
a later date.
A detailed discussion of the provisions of the August 12, 1998
proposed rule can be found at 63 FR 43245 through 43259. We originally
proposed to add part 142, entitled "Administrative requirements,"
to title 45 of the Code of Federal Regulations (CFR). It has now
been determined that this material will reside in subchapter C of
title 45, consisting of parts 160, 162, and 164. Subpart A of part
160 contains the general provisions applicable to all the Administrative
Simplification rules; other subparts of part 160 will contain other
requirements applicable to all standards. Part 162 contains the
standards for transactions and code sets and will contain the identifier
standards. Part 164 contains the standards relating to privacy and
security. Subpart A of part 164 contains general provisions applicable
to part 164; subpart E contains the privacy standards. Subpart C
of part 164, which is adopted in this final rule, adopts standards
for the security of electronic protected health information.
|
 |
 |
